Cyber Vulnerabilities of On-Train Data Networks
Digitisation of on-train data networks brings Cyber Security risks
The current digitisation of trains is bringing many benefits in terms of operational efficiency and customer service. However, digitisation requires connectivity in the form of on-board and often wayside networks, and like any connected network, these now require a cyber security focus.
Compared to corporate IT networks, there are few current designs of on-train data networks or devices with robust cyber security protection measures, leaving railways exposed to cyber vulnerabilities.
Modern Trains: A Digital Powerhouse
Modern train fleets are bristling with digital subsystems and IP-addressable devices. Digital CCTV footage is now downloaded remotely, passengers have access to WiFi, and drivers are guided by real-time in-cab signalling systems fed from wayside networks.
This digital revolution onboard modern trains means that mission critical systems such as doors and brakes are now optimised with smart, connected software. The same is true for seat reservation, passenger information, and fire & emergency systems; air conditioning, lighting, and so on. In fact, some modern trains can have as many as 20 digitised systems onboard, all requiring some degree of connectivity.
Connected, but Not Protected: The Cyber Security Gap
Of course it is important that on-train networks and each of the on-board systems has appropriate access and connectivity, however this must take into account the use of effective cyber security controls.
The increased connectivity of networks and systems amasses a potentially fruitful attack surface that if exploited, could lead to operational disruption, potential safety exposures, encrypted data and systems, ransom demands, and reputational damage.
Tackling the Issue
RazorSecure is a cyber security company that specialises in providing solutions for the rail industry. We have been deploying on-train cyber protection since 2018 and currently protect 3,200 units across Europe and USA.
We have developed a range of solutions to align with the latest cyber security frameworks and regulations including AS7770, whilst also supporting efficient ongoing operations.
We will be exhibiting at AusRail 2023 from the 14th – 16th November as part of the UK Pavilion, in partnership with the Railway Industry Association. We will be presenting our innovative solutions to the Australian market and look forward to meeting with new and existing customers to discuss all things cyber security. To schedule some time with one of our team and discuss how our holistic approach can fit your specific requirements, check out our contact form or come and say hello at the event!